Applications
Register and manage your OAuth applications. Each application gets a Client ID and Client Secret used to obtain access tokens. New apps start as PENDING and must be approved by an admin before they can obtain tokens. Requires a signed-in developer account.
/oauth/appsDeveloper loginCreate an application
Register a new application and receive its client_id and client_secret. The client_secret is shown only once โ store it securely. The app is created in PENDING status and cannot obtain tokens until an admin approves it.
{
"name": "My Integration",
"description": "Sends invoices from our ERP"
}/oauth/appsDeveloper loginList my applications
Return all applications owned by the signed-in developer.
/oauth/apps/{app_id}Developer loginGet an application
Fetch a single application you own.
/oauth/apps/{app_id}Developer loginUpdate an application
Update the name or description of an application you own.
{
"name": "Renamed Integration",
"description": "Updated description"
}/oauth/apps/{app_id}/regenerate-secretDeveloper loginRegenerate client secret
Rotate the client_secret. The new secret is returned once; the old one stops working immediately.
/oauth/apps/{app_id}/deactivateDeveloper loginDeactivate an application
Disable the application. Its tokens stop working until reactivated.
/oauth/apps/{app_id}/activateDeveloper loginActivate an application
Re-enable a previously deactivated application.
/oauth/apps/{app_id}/activityDeveloper loginGet application activity
Return the activity log for the application (token issuance, user/entity/invoice actions, secret rotation).